Information Security News Blog
SuperMega – Cordyceps Implementation SuperMega is a shellcode loader by injecting it into genuine executables (.exe or .dll). The loader is programmed in C. The idea is that injecting shellcode nicely into a non-malicious...
Maester Monitor your Microsoft 365 tenant’s security configuration using Maester! Maester is an open source PowerShell-based test automation framework designed to help you monitor and maintain the security configuration of your Microsoft 365 environment. Why Maester?...
simplewall A simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and...
VelLMes-AI-Honeypot The VelLMes read as (Vel-L-M-es, from Slavic deity Veles and LLMs) creates interactive, dynamic, and realistic honeypots through the use of Large Language Models (LLMs). The VelLMes tool was created from a research project to show the...
What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. What’s it do tho?...
Intel Owl Do you want to get threat intelligence data about a file, an IP, or a domain? Do you want to get this kind of data from multiple sources at the same time using a...
SCAGoat SCAGoat is an application for Software Composition Analysis (SCA) that focuses on vulnerable and compromised JAR dependencies used in development code, providing users with hands-on learning opportunities to understand potential attack scenarios. It...
MSTIC Jupyter and Python Security Tools Microsoft Threat Intelligence Python Security Tools. The msticpy package was initially developed to support Jupyter Notebooks authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for...
Kubernetes Goat The Kubernetes Goat designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. ? Scenarios Sensitive keys in codebases DIND (docker-in-docker) exploitation SSRF in the Kubernetes (K8S) world Container...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
Runtime Mobile Security Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes...
Terrascan Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud-native infrastructure. Features 500+ Policies for security best practices Scanning of Terraform 12+ (HCL2) Scanning of Kubernetes YAML/JSON Support...